Commit graph

346 commits

Author SHA1 Message Date
snipe 6400557901 Check if the edited users permissioms are superuser before edit 2016-10-31 19:37:24 -07:00
snipe 3dac20c20f Unset superadmin by non-superadmins on user create 2016-10-31 19:08:24 -07:00
snipe 429afc6b3f Only save user permissions if the user is a superadmin 2016-10-31 19:07:55 -07:00
snipe 8323ed27c2 Do not makes group editable if the user is not an admin
This fixes a bug where the field was (correctly) disabled if the editing user isn’t a superadmin, but because the field was disabled, it would clear the permission groups.
2016-10-31 18:57:35 -07:00
snipe a4ae3b0091 Show whether device is enabled and/or 2FA is active 2016-10-31 17:16:26 -07:00
snipe cbfcf959f9 Allow certain users to override 2FA with permission 2016-10-31 16:52:25 -07:00
snipe e065d18227 Possible fix for integer weird typing 2016-10-31 13:50:00 -07:00
Frank 10ea5daabd Harden PragmaRX secret to 32 bytes (#2859)
This is needed at all but that extra security is always good.
2016-10-31 11:20:31 -07:00
snipe dce5afde78 Use config URL for links in user list 2016-10-29 07:33:33 -07:00
snipe 38b188f6ff Fixes #2448 - redirect to intended page 2016-10-29 07:32:48 -07:00
snipe fe041b66c6 Adds two-factor to users listing 2016-10-29 07:21:34 -07:00
snipe 408aab112b Removed unneeded else 2016-10-29 06:06:32 -07:00
snipe cea255995c Fixes #106 - adds Google Authenticator support (#2842)
* refactor to clean up LDAP login, and make the login method easier to handle.

* Login refactor cleanup

* Google 2FA package

* Adds Google Authenticator two-factor

* Removed unused blade

* Added optin setting in profile

* Removed dumb comments

* Made lock_passwords check more consistent

* Additional two factor strings

* Lock passwords check

* Display feature disabled text if in demo mode

* Two factor admin reset options

* Translation strings
2016-10-29 05:50:55 -07:00
Daniel Meltzer 3a8edfdf58 Eager load many more things. Fixes a lot of n+1 queries in ajax/bootstrap tables requests (#2832) 2016-10-28 14:15:13 -07:00
snipe a929b635ff Fixes #2809 - adds serial number to components 2016-10-27 15:33:48 -07:00
snipe 3e701c6dd1 Fixes #2814 - adds job title to users listing display 2016-10-27 14:29:07 -07:00
snipe e4140f4c48 Fixes #2817 - adds EOL to custom report 2016-10-27 14:20:55 -07:00
snipe 691f9b621e Fixes #2821 2016-10-26 11:27:37 -07:00
Daniel Meltzer a418dece80 Better checking for empty values when updating. (#2811)
* Better checking for empty values when updating.  There's a lot of conditionals in here that we may want to look at cleaning up over time

* Fix typo.  No manfacturers here.

* Fix model update/import.  Also hardcode the status id of unset assets to the first existing one instead of an id that may not exist... Still not ideal, but better.

* Let requests to .env through the middleware.  We check to see if this is readable during setup as a warning, and as it stands it triggers an infinite loop trying to hit the file.
2016-10-25 19:51:13 -07:00
snipe f30631efb6 Fixed parens on target 2016-10-25 12:53:07 -07:00
snipe 85f3cc1762 Merge branch 'hotfixes/add_username_to_csv_export' into develop 2016-10-25 02:51:27 -07:00
snipe 1793461642 Added username, fixed duplicate company name 2016-10-25 02:50:23 -07:00
snipe d24c4b1152 Merge branch 'hotfixes/export_all_users' into develop 2016-10-25 02:42:20 -07:00
snipe 30f0f6f527 Export users to CSV
Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
snipe b839741069 Merge branch 'hotfixes/order_number_numeric' into develop 2016-10-19 15:03:05 -07:00
Daniel Meltzer 85af8e46e3 Set a user_id of -1 if there isn't a logged in user. This fixes the CLI importer, and opens the door in the future for some sort of virtual importer user... which may fix other issues the importer currently has (#2775) 2016-10-17 11:07:08 -07:00
Daniel Meltzer e85241af6a Log checkouts (#2772)
* Ensure the log has a target before trying to fetch the associated company

* Log creation of items, both in importer and manually
2016-10-12 18:45:32 -07:00
snipe 31898d0f85 Fixes #2751 - asset tag added to asset maintenance report 2016-10-12 14:18:51 -07:00
snipe b3329135df Merge branch 'develop' of github.com:snipe/snipe-it into develop 2016-10-12 12:50:35 -07:00
snipe 2350c1c15c Fixes #2352 2016-10-12 12:50:30 -07:00
snipe 8f4e016c01 Fixes #2768 and #2753 2016-10-12 12:48:37 -07:00
Daniel Meltzer 8e60767c00 Guard against null values in the reports generator. May fix #2758 (#2762) 2016-10-12 12:06:38 -07:00
Daniel Meltzer 2e0a7abbe9 Rework permissions view (#2756)
* Early layout work on a cleaner permissions interface

* Cleanup layout.  Make new permissions view work.  Still needs some css and javascript improvements.  Also need to do the same thing to the group view.

* Improve styling, add javascript to toggle an entire group of permissions if choosing the permission on the header row.  Would be nice to add collapsing of sections in the future.

* Toggle viewing sections.

* Special case places where we only have one item in a group to only display the item once.

* Filter getCreate the same way.
2016-10-12 12:06:28 -07:00
Matthias Frei 4b6ba6cb30 BugFix: Asset name was not included in custom report (#2733)
* BugFix: Asset name was not included in custom report

* BugFix: Custom Asset Report did not escape commas in custom fields. So the csv file is inconsistent, if a custom field containes a comma.  Added an escape function which escapes the commas with a backslash.
A csvreader can be configured to handle the escape character.
2016-10-12 12:05:49 -07:00
Daniel Meltzer 2a95a95e00 Company to logs (#2717)
* Fix the actionlog/companyables problem by adding a company_id to all actionlogs and scoping directly on that.  Works around bugs in laravel where trying to hunt down the polymorphic relationship would lead to an infinite loop

* Scope companyables in getactivityreport.  Also eager load.

* Improve reportscontroller, work on seeder to test this.

* Only show company users in checkout dialogs

* If no admin associated with log, it might be a request.  Leave blank instead of saying deleted admin

* When injecting company_id, use target instead of user if user is a superadmin

* Build up the seeder to generate users, companies, and logs.

* Eager load the log, don't scope the users log because the log should already include things only related to the user.
2016-09-29 22:20:49 -07:00
snipe b41883c125 Use user object to prevent errors on deleted users 2016-09-29 11:37:38 -07:00
snipe 0a218a37d0 Check that the user exists before trying to get location id 2016-09-29 10:32:09 -07:00
Brady Wetherington 7ca7877740 Fix mismerged code. (#2705) 2016-09-28 22:57:19 -07:00
snipe 1394424760 Merge branch 'hotfixes/customfields_in_asset_report' into develop
# Conflicts:
#	resources/views/models/custom_fields_form.blade.php
2016-09-28 19:28:55 -07:00
snipe fc07753a5c Use $customfields in closure 2016-09-28 19:18:01 -07:00
snipe 7bbe85801e Fixed typo :( 2016-09-28 15:45:05 -07:00
snipe 8774927b91 PHPStorm lag = fail 2016-09-28 15:40:51 -07:00
snipe 48b52a0ccc Merge branch 'hotfixes/p-typo' into develop 2016-09-28 08:59:07 -07:00
snipe 9ecb0e6ca1 Fixed errant typo 2016-09-28 08:58:16 -07:00
snipe 9091385182 Merge branch 'hotfixes/purchase_cost' into develop
# Conflicts:
#	app/Http/Controllers/ReportsController.php
#	config/version.php
2016-09-27 19:13:21 -07:00
snipe b90c0de822 Fix companyable reult in maintenances 2016-09-27 19:07:45 -07:00
snipe ee2522571c Fixes #2673 2016-09-27 19:07:30 -07:00
snipe 67f199b09d Added customfields to asset CSV export 2016-09-27 15:09:47 -07:00
snipe f1c458185d Client-side pagination on asset report for faster loading 2016-09-27 14:56:05 -07:00
snipe fa72e64b98 Add checkout date to asset report 2016-09-27 08:42:48 -07:00